TCP/IP Notes
CPSC 330 - Spring 2004

Internet

the Internet provides an appearance of a single network, but is actually thousands of interconnected networks
uses TCP/IP as nearly universal protocol
(others include WAP and multimedia streaming protocols)

TCP/IP

actually a suite of protocols - best known:

IP (internet protocol) - provides basic naming and delivery services for hosts
TCP (transmission control protocol) - provides reliable, full-duplex connection between processes

how TCP/IP corresponds to OSI model (see textbook, Figure 10.9, p. 465)

      |  request/reply using
      |    symbolic names
    +------------------------+
    | 7 / application layer  | >- mail, ftp, telnet, dns, ...
    +------------------------+
      |  UDP messages or
      |    TCP streams
    +------------------------+
    | 6 / presentation layer | \
    | 5 / session layer      |  - TCP - sessions, packets (in-order, error-free)
    | 4 / transport layer    | /
    +------------------------+
      |  packets
    +------------------------+
    |   (internetworking)    | >- IP - formatting header
    | - - - - - - - - - - - -|
    | 3 / network layer      |    (separate network layer may be absent)
    +------------------------+
      |  datagrams
    +------------------------+
    | 2 / data-link layer    | \- host to network, e.g., Ethernet
    | 1 / physical layer     | /
    +------------------------+

IPv4 addresses

each host has a 32-bit unique address (Internet wide)

network_number . host_id
DNS (domain name service) - distributed database for translating a symbolic host name into IP address
ICANN - controls first level symbolic domain names
.com, .edu, .gov, .org, .net, .int, .mil, .biz, .info, .name, .pro, .aero, .coop, .museum, along with country domains such as .jp, .uk, .nl
USA-oriented, note that in other countries second-level domain names can differ, e.g., in England universities are .ac.uk (academic community) and companies are .co.uk

address classes

                                                     +-----+-----^-----^-----+
                                                     |  A  |  B  |  C  |  D  |
                                                     +-----+-----^-----^-----+
  class A (1 octet)  1-126             (A=0xxxxxxx)  | 126 |    16,777,214   |
                                                     +-----^-----.-----------+
  class B (2 octets) 128.0-191.255     (A=10xxxxxx)  |   16,384  |   65,534  |
                                                     +-----------^-----.-----+
  class C (3 octets) 192.0-223.255.255 (A=110xxxxx)  |    2,097,152    | 254 |
                                                     +-----------------^-----+

  class D            224-239 (A=1110xxxx) reserved for multicast backbone

  class E            240-247 (A=11110xxx) reserved for experimental purposes

no network number or host field can have all 0s or all 1s
127.0.0.1 is special loopback address for testing a server with clients running on the same host
subnets - divide host_id field into two parts: subnet_id.host_number

CIDR - classless interdomain routing - net/host division is on arbitrary bit boundary not octet

         208.12.16.0 /20
     +---------------.------+
     | 20-bit net id | host |
     +---------------^------+

IPv6 addresses - 128 bits

typically fixed internet connections (e.g., cable modems) have fixed IP addresses, whereas dial-up providers dynamically assign IP addresses from a pool each time a user dials up. however, a proxy server will have a single IP address and the traffic wrt the internet appears to come and go from that one machine.

(web sites will often assign cookies to give each user a unique identity)

see also Chris Lewis, "All about IP addresses"

IP (internet protocol)

connectionless, best-effort service
formats the IP header
translates IP addresses of source and destination into MAC addresses (using ARP - see links below) and adds those to the front end

if destination is not in host's routing table (i.e., not on LAN), then sets destination MAC address to router

  frame

  .----------------.---------------.------.-----------.------.-----.
  | dest. MAC addr | src. MAC addr | type | IP header | data | CRC |
  `----------------^---------------^------^-----------^------^-----'
                                           contains
                                           destination and
                                           source IP addresses

IP routing

packets travel from router to router until reaching one that is attached to the host with the specified destination IP address
a packet hop count is decremented at each intermediate node; the packet is dropped if the hop count ever reaches zero

a router uses various tables; the most basic is a forwarding table to map which output port a packet should be sent

    IP addr prefix   port         +--------+ port 0
    ---------------+-----         |        |--------> 100.100
        100.100    |  0        -->| router |
        200.200    |  1           |        | port 1
                                  |        |--------> 200.200
                                  +--------+

more detailed table - table is ordered and searched from top down with longest prefix matching

    - LAN 1 (1.1.1._) -           backbone           - LAN 2 (2.2.2._) -
   /                   \            link            /                   \
+---------+          +------+                  +------+            +---------+
| host 1  |   port 0 |router| port 1    port 0 |router| port 1     | host 2  |
| 1.1.1.1 |<-------->| one  |<---------------->| two  |<---------.>| 2.2.2.2 |
+---------+  1.1.1.0 +------+ 3.3.3.0  3.3.3.1 +------+ 2.2.2.1  | +---------+
                        ^                                        |
                        | port 2                                 |
               backbone | 4.4.4.0                                | +---------+
                   link |                                        | | host 3  |
                        |                                        `>| 2.2.2.3 |
                        v                                          +---------+
                    +---------+
                    | router  | connected to
                    | three   | the internet
                    | 4.4.4.1 |<------------>
                    +---------+

    [from router 1]  destination   mask   gateway   port
                     -----------   ----   -------   ----
    [to host 1]         1.1.1.1    /32    1.1.1.0    0    host route
    [to host 2]         2.2.2.2    /32    3.3.3.1    1    host route
    [to network 1]      1.1.1.0    /24    1.1.1.0    0    network route
    [to network 2]      2.2.2.0    /24    3.3.3.1    1    network route
    [w/in router]     127.0.0 0    / 8       -       -    loopback
    [to internet]       0.0.0.0    / 0    4.4.4.1    2    default route

(see also )

details

host route - specific IP address, compare on all 32 bits

network route - mask off host_id and use the variable-length network_number as the key

default route - used for network_numbers that do not have a specific entry in the routing table

if a route is found, the router will change the source MAC address to its own MAC address and change the destination MAC address to the port appropriate for the next network

            --- LAN 1 (1.1.1._) ---           --- LAN 2 (2.2.2._) ---
           /                       \         /                       \
       +--------+                  +----------+                 +--------+
       | host 1 |           port 0 |  router  | port 1          | host 2 |
       |        |<---------------->|          |<--------------->|        |
       +--------+                  +----------+                 +--------+
IP       1.1.1.1            1.1.1.0            2.2.2.1           2.2.2.2
MAC aa-aa-aa-aa-aa-aa  bb-bb-bb-bb-bb-bb  cc-cc-cc-cc-cc-cc  dd-dd-dd-dd-dd-dd


  packet from host 1 to host 2

     IP dest    IP source
  +-----------+-----------+---------+
  |  2.2.2.2  |  1.1.1.1  | payload |
  +-----------+-----------+---------+


  frame -- first hop -- from host 1 to router

     MAC destination       MAC source        IP dest    IP source
  +-------------------+-------------------+-----------+-----------+---------+
  | bb-bb-bb-bb-bb-bb | aa-aa-aa-aa-aa-aa |  2.2.2.2  |  1.1.1.1  | payload |
  +-------------------+-------------------+-----------+-----------+---------+


  frame -- second hop -- from router to host 2

     MAC destination       MAC source        IP dest    IP source
  +-------------------+-------------------+-----------+-----------+---------+
  | dd-dd-dd-dd-dd-dd | cc-cc-cc-cc-cc-cc |  2.2.2.2  |  1.1.1.1  | payload |
  +-------------------+-------------------+-----------+-----------+---------+

routing tables are kept up-to-date by various protocols
if packet size is too large for next network, the router will subdivide input packet into multiple output packets

CIDR takes advantage of longest prefix matching, since table order is important

   range of IP addresses

   208.12.21.0 /24             |--|                       8-bit host id
   208.12.16.0 /20   |----------..--------------------|  12-bit host id
                     |                                |
                 208.12.16.00                     208.12.31.255


   forwarding table

   208.12.21.0 /24  port_0  longer prefix - smaller range - encompassed entry
   208.12.16.0 /20  port_1  shorter prefix - larger range - encompassing entry

TCP (transmission control protocol)

connection-oriented - initial communication to agree on providing reliable service
establishes and terminates a session with the destination node
packetizes the data and assigns sequence numbers
acknowledges packet receipts, provides for retransmission of dropped packets
flow control (window size given with each acknowledgement)
port numbers - used to identify processes on servers
- 1-1023 reserved for well-known applications (e.g., http is port 80)
- 1024-2^16 called ephemeral ports, dynamically assigned
defines network byte order as big-endian

UDP (unreliable data protocol / user datagram protocol)

extends IP for process-to-process communication rather than host-to-host
connection-less, unreliable service
lightweight (no sequencing or flow control)
no retransmission
e.g., used for VOIP (voice-over-IP)

Some of the other protocols in TCP/IP family

    +------+------+------+------+
    |      | ICMP | UDP  | TCP  |
    | ARP  +------+------+------+
    |      |         IP         |
    +------+--------------------+
    |    local area network     |
    +---------------------------+

ARP / RARP (address resolution protocol / reverse ARP) - support for translating IP to Ethernet addresses
- ARP discussion
- another ARP discussion
ICMP (internet control message protocol) - error handling and control functions

routing protocols

adaptive - periodically reevaluates routing decisions based on traffic and link/node outages
distance-vector routing - routers inform neighbors of routing table, each router picks neighbor with lowest cost
link-state routing - routing tables change based upon status of links, also uses # hops, line speed, amount of traffic, and cost; faster convergence than distance-vector methods
each area within an autonomous system is a group of routers that use the same routing protocol
RIP (routing information protocol) - distance vector
IPX (internet packet exchange) - distance vector
OSPF (open shortest path first) - link state
IGP (interior gateway protocol)
EGP (exterior gateway protocol)
BGP (border gateway protocol)
(http://www.netbook.cs.purdue.edu/figures/f25_3.htm)

network access protocols (TCP/IP over serial lines, such as dial-up phone lines)

SLIP (Serial Line Internet Protocol)
PPP (Point to Point Protocol)

sockets interface

to a network, a socket is an end point of a connection
to a running process, a socket is an open file (I/O stream)
socket address is host_ip_address:port_number
connection address is (client_ip_address:port,server_ip_address:port)
socket() creates a new connection end point
bind() attaches a local address to a socket
listen() allows connections to be made and establishes queue
connect() is connection attempt by client
accept() blocks until a connection attempt is made, creates a new connection socket and returns a file descriptor
16-bit port number
- well-known - standard assignments (e.g., 80 is http, 22 is ssh)
- ephemeral - assigned by OS on connection request
- on Unix, cat /etc/services

client-server relationship

    client                server
    ------                ------

                          openlistenfd()
                            socket()
                            bind()
                            listen()
                            |
    open_clientfd()         |
       socket()             v
       connect() -------> accept() <-.
       v                    v        |
    write() ------------> read()     |
       v                    v        |
    read()  <------------ write()    |
       v                    v        |
    close() ---- EOF ---> read()     |
                            v        |
                          close() ---'

listen socket always open

    client host address              server host address
       130.127.48.16                    130.127.28.32

        .---------.     listen socket    .---------.
        | client  |--------------------->| server  |
        | process |                      | process |
        |         |--------------------->|         |
        |         |<---------------------|         |
        `---------'   connection socket  `---------'

    server listen socket address = 130.127.28.32:80 (well-known port)
    server gets new socket for each accept, can fork off a child
       process for that client with the new socket and go back to
       waiting on the listen socket

[CPSC 330 homepage]

mark@cs.clemson.edu

TCP/IP Notes CPSC 330 - Spring 2004